Denial of Service Vulnerability in Cisco Prime Network Analysis Module
CVE-2016-1370

5.3MEDIUM

Key Information:

Vendor: Cisco
Status: Network Analysis Module Software
Vendor: CVE Published:; 3 June 2016

What is CVE-2016-1370?

A vulnerability exists in Cisco Prime Network Analysis Module due to incorrect calculations of IPv6 payload lengths. This miscalculation allows attackers to send specially crafted IPv6 packets, which can lead to a denial of service by causing the monitoring process to crash. As a result, this can disrupt network monitoring capabilities, impacting overall network performance and security. Timely patching and updates are crucial to safeguard against these types of attacks.

References

http://www.securitytracker.com/id/1036016

vdb-entryx_refsource_SECTRACK

http://tools.cisco.com/security/center/content/CiscoSecur...

vendor-advisoryx_refsource_CISCO

CVSS V3.1

Score:

5.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 3, 2016
Vulnerability Reserved
Jan 4, 2016